The big lesson from the monstrous DDoS attack on Internet of Things (IoT) devices

The October DDoS attack wasn’t the usual attack. It targeted IoT devices and also showed just how hackers are constantly looking for new and innovative ways to seek the smallest security gaps. How can you beat them at their own game?

You know why DDoS was as monstrous as it became. It didn’t do the predictable. It didn’t steal any passwords or there was no case where data was compromised.

As per New York Times, they defined DDoS as, “A distributed denial-of-service attack, or DDoS, occurs when hackers flood the servers that run a target’s site with internet traffic until it stumbles or collapses under the load. Such attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers”.

Why did DDoS get so much attention? And why are we talking about it?

Because, if you’re not giving it your full attention, attacks like these could devastate your company. And the attack has revealed how the seemingly promising Internet of Things (IoT) devices are vulnerable. There were a number of IoT devices that were impacted with the DDoS attack (mainly the home surveillance cameras). It left home owners to wonder if they are better off without the home surveillance cameras.

The attack is directed from the same target from different source. The Internet of Things (IoT) devices are, for the hackers, a number of devices that are exposed, vulnerable and unprotected. With the advancement of IoT devices, the number of these attacks can go higher.

Printers, cameras, refrigerators, sensors, thermostats and a number of other IoT devices are exposed to DDoS and other similar devices. It impacted all kinds of businesses. From retail stores to enterprises…all were impacted with the onslaught of the October DDoS attack.

What did the DDoS attack prove?

The distributed denial-of-service attack or DDoS was an eye opener as far as IoT devices are concerned. One of things that became evident was that these devices are easy to hack and can be attacked since they can be accessed over a local network. These are also hard-coded with default passwords, which are easy to guess.

What many of us don’t know, however, is that the security of devices which are exposed on the network versus the ones that connect to the network through a secure cloud is way higher.

What’s missing is lack of information between secured and unsecured networks. Even if consumers know that their IoT device is on an unsecured network, they are not aware of how to make it secure.

How do protect yourself from DDoS?

DDoS has made one thing very clear.

Secure cloud and encrypted connections are a must.

With such attacks, consumers will become more aware and question the security of the devices before investing in them. Smart home companies, too, will have to change their back-end architecture and follow more stringent protocols to reinstate that IoT devices are secure. These companies will also have to invest in educating the consumers on the available security norms.

One has to defend the IoT devices, like other devices that are connected over the network. The attackers are on a constant lookout for security loopholes in the IoT devices.